Askey Computer PKE938 Users Manual
Chapter 2: WEB Configuration
8. RIP (Routing Information Protocol) Setup
This feature enables the gateway to be used in small business situations where more than one LAN
(local area network) is installed. The RIP protocol provides the gateway a means to “advertise”
available IP routes to these LANs to your cable operator, so packets can be routed properly in this
situation.
Your cable operator will advise you during installation if any setting changes are required here.
Fig. 26 Gateway\Advanced\RIP Setup
46
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
Gateway – Firewall Web Page Group
1. Web Content Filtering
These pages allow you to enable, disable, and configure a variety of firewall features associated with
web browsing, which uses the HTTP protocol and transports HTML web pages. On these pages, you
designate the gateway packet types you want to have forwarded or blocked. You can activate settings
by checking them and clicking Apply.
The web-related filtering features you can activate from the Web Content Filter page include Filter
Proxy, Filter Cookies, Filter Java Applets, Filter ActiveX, Filter Popup Windows, and Firewall
Protection.
If you want the gateway to exclude your selected filters to certain computers on your LAN, enter their
MAC addresses in the Trusted Computers area of this page.
Fig. 27 Gateway\Firewall\Web Filter
47
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
2. TOD Filtering
Use this page to set rules that will block specific LAN side PCs from accessing the Internet, but only
at specific days and times. Specify a PC by its hardware MAC address, and then use the tools to
specify blocking time. Finally, click the Apply button to save your settings.
Fig. 28 Gateway\Firewall\TOD Filtering
48
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
3. Local Log and Remote Log
The gateway builds a log of firewall blocking actions that Firewall has taken.Using the Local Log
page lets you specify an email address to which you want the gateway to email this log. You must also
tell the gateway your outgoing (i.e. SMTP) email server’s name, so it can direct the email to it. Enable
Email Alerts has the gateway forward email notices when Firewall protection events occur. Click
E-mail Log to immediately send the email log. Click Clear Log to clear the table of entries for a fresh
start.
The log of these events is also visible on the screen. For each blocking event type that has taken place
since the table was last cleared, the table shows Description, Count, Last Occurrence, Target, and
Source.
Fig. 29 Gateway\Firewall\Local Log
The Remote Log page allows you to specify the IP address where a SysLog server is located and select
different types of firewall events that may occur. Then, each time such an event occurs, notification is
automatically sent to this log server.
Fig. 30 Gateway\Firewall\Remote Log
49
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
Gateway – Parental Control Web Page Group
1. Basic
This page allows you to enable, disable, and configure a variety of firewall features associated with
web browsing, which uses the HTTP protocol and transports HTML web pages. On these pages, you
designate the gateway packet types you want to have forwarded or blocked. You can activate settings
by checking them and clicking Apply.
Here are some of your choices on the Parental Control page:
Activate Keyword Blocking and specify some keywords in the Keyword List to cause blocking
of web pages on the WAN side with the specified keyword in the content.
Activate Domain Blocking and specify some Domain Names (e.g. disney.com) in the Domain
List.
Fig. 31 Gateway\Parental Control\Basic
50
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
Gateway – Wireless Web Page Group
The Wireless web pages group enables a variety of settings that can provide secure and reliable
wireless communications for even the most demanding tech-savvy user.
The Wireless Voice Gateway offers a choice of 802.1x, WPA and WPA-PSK authentication of your
PCs to the gateway, 64 and 128 bit WEP encryption of communication between the gateway and your
PCs to guaranty security, and an Access Control List function that enables you to restrict wireless
access to only your specific PCs.
The wireless function will probably work in your home as shipped from the factory, but without the
security features activated. In addition, the factory default wireless channel setting may not provide
optimum changes are recommended from the factory defaults, to secure your wireless communications
and provide optimum performance.
Performance
Because your wireless communication travels through the air, the factory default wireless channel
setting may not provide optimum performance in your home if you or your neighbors have other
interfering 2.4GHz devices such as cordless phones. If your wireless PC is experiencing very sluggish
or dramatically slower communication compared with the speed you achieve on your PC that is wired
to the gateway, try changing the channel number. See the 802.11b/g/n Basic Web Page discussion
below for details.
Authentication
Authentication enables you to restrict your gateway from communicating with any remote wireless
PCs that aren’t yours. The following minimum authentication-related changes to factory defaults are
recommended. See the 802.11b/g Basic and Access Control Web Page discussions below for details.
Network Name (SSID) – Set a unique name you choose
Network Type – Set to Open
Access Control List – Enter your wireless PCs’ MAC addresses
Security
Security secures or scrambles messages traveling through the air between your wireless PCs and the
gateway, so they can’t be observed by others. The following minimum security setting changes to
factory defaults are recommended. See the 802.11b/g Security Web Page discussion below for details.
Data Encryption – Set to WEP (64-bit)
PassPhrase – Use this feature to generate security keys
51
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
1. 802.11b/g/n Radio
To set the basic configuration for the wireless features, click RADIO from the Wireless menu. These
must match the settings you make on your wireless-equipped PC on the LAN side.
Fig. 32 Gateway\Wireless\Radio
Interface: The wireless radio in your gateway can be completely de-activated by changing Interface to
Disabled. Click the Apply button to save your settings. Activated by changing interface to enabled.
Wireless MAC Address: The MAC address for this wireless device will be displayed in this field
automatically.
Output Power:
This setting decides the output power of this device. You may use it to economize on electricity
by selecting lower percentage of power output. Control the range of the AP by adjusting the radio
output power.
802.11 Band: It can Support 2.4 GHz and 5 GHz exclusively.
802.11n mode: It will help you to Enable or Disable the 11N mode. To enable you need to select Auto, to
disable you need to select Off, and so force the AP to operate in 802.11g mode.
Bandwidth: Select wireless channel width 20Mhz is for default value (bandwidth taken by wireless
signals of this access point.)
52
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
Sideband for Control Channel (40Mhz only): There are “Lower” and “Upper” can be selected if
Bandwidth 40Mhz is Enabled.
Control Channel: There are 13 channels that you can choose. Choose the one that is suitable for this
device.
Current Channel: The channel that you choose will be displayed in this field.
Restore Wireless defaults: To recover to the default settings, press this button to retrieve the settings and
click Apply.
Setting Description Value List or Range
Network Name
(SSID)
Set the Network Name
(also known as SSID) of
this network.
Up to 32-character
string containing
ASCII characters only
THOM-Dxxxxxxx
Default
Select Closed to hide the
network from active
Network Type
scans. Select Open to
Open, Closed Open
reveal the network to
active scans.
New Channel
Interface
Select a particular channel
on which to operate.
Enable or disable the
wireless interface.
Table1. Basic Settings Definitions
1-13 1, 6 or 11
Enabled, Disabled Enabled
Your service provider might enforce different default settings, please check with your provider to insure
proper setup
53
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
2. 802.11b/g/n Primary Network
This page allows you to configure the Network Authentication. It provides several different
modes of wireless security. You will have to enter proper information according to the mode you
select.
Fig. 33 Gateway\Primary Network
WPA
WPA (Wi-Fi Protected Access)/WPA2
WPA WPA
/WPA2:
/WPA2/WPA2
It must be used in conjunction with an authentication server such as RADIUS to provide centralized
access control and management. It can provide stronger encryption and authentication solution than
54
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
none WPA modes. WPA2 is the second generation of WPA security
WPA-PSK (WPA-Pre-Shared Key) /WPA2-PSK (WPA2-Pre-Shared Key):
It is useful for small places without authentication servers such as the network at home. It allows the
use of manually-entered keys or passwords and is designed to be easily set up for home users.
WEP Encryption:
WEP Encryption:
WEP Encryption: WEP Encryption:
You can choose 64-bit or 128-bit according to your needs. If you choose Disabled, the Network Keys
will not be shown on this page. If selected, the data is encrypted using the key before being transmitted.
For example, if you set 128-bit in this field, then the receiving station must be set to use the128 Bit
Encryption, and have the same Key value too. Otherwise, it will not be able to decrypt the data.
( Note: You need to connect one end of the Ethernet cable to the Ethernet port on the back of your
computer, and the other end to the ETHERNET port on the Wireless Voice Gateway. )
If you select WEP (64-bit or 128-bit), you can adjust the following settings-
Shared Key Authentication: Decide whether to set the shared key Optional or Required by
selecting from the drop-down menu.
Network Key 1 to 4: The system allows you to enter four sets of the WEP key. For 64-bit WEP
mode, the key length is 5 characters or 10 hexadecimal digits. As for 128-bit WEP mode, the key
length is 13 characters or 26 hexadecimal digits.
Current Network Key: Select one set of the network key (from 1 to 4) as the default one.
PassPhrase: You can enter ASCII codes into this field. The range is from 8 characters to 64
characters. For ASCII characters, you can key in 63 characters in this field. If you want to key
in 64 characters, only hexadecimal characters can be used.
Generate WEP Keys: Click this button to generate the PassPhrase.
Fig. 34 PassPhrase
Apply: After proper configuration, click Apply to invoke the settings.
55
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
802.1x Authentication
If you enable the 802.1x authentication function, you will have to offer the following information-
RADIUS Server: RADIUS Server is a protocol for carrying authentication, authorization, and
configuration information between a Network Access Server which desires to authenticate its
links and a shared Authentication Server. Please key in the IP Address for the RADIUS Server.
RADIUS Port: Besides the IP address of the RADIUS Server, you have to enter the port number
for the server. Port 1812 is the reserved RADIUS-authentication port described in RFC 2138.
Earlier AP (RADIUS clients) use port 1945. The default value will be shown on this box. You
can keep and use it.
RADIUS Key: A RADIUS Key is like a password, which is used between IAS and the specific
RADIUS client to verify identity. Both IAS and the RADIUS client must be use the same
RADIUS Key for successful communication to occur. Enter the RADIUS Key.
Fig. 35 802.1x Authentication
56
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
WPA/WPA2
For the WPA/WPA2 network Authentication, the settings that you can adjust including WPA/WPA2
Encryption, RADIUS Server, RADIUS Port, RADIUS Key, Group Key Rotation Interval, and
WPA/WPA2 Re-auth Interval.
WPA/WPA2 Encryption: There are three types that you can choose, TKIP*, AES**,
TKIP+AES.
TKIP takes the original master key only as a starting point and derives its encryption keys
mathematically from this mater key. Then it regularly changes and rotates the encryption
keys so that the same encryption key will never be used twice
** AES provides security between client workstations operating in ad hoc mode. It uses a
mathematical ciphering algorithm that employs variable key sizes of 128, 192 or 256 bits.
RADIUS Server/RADIUS Port/RADIUS Key: Please refer to the previous page.
Group Key Rotation Interval: Key in the time for the WAP group key rotation interval. The unit
is second. With increasing rekey interval, user bandwidth requirement is reduced.
WPA/WPA2 Re-auth Interval: When a wireless client has associated with the Wireless Voice
Gateway for a period of time longer than the setting here, it would be disconnected and the
authentication will be executed again. The default value is 3600, you may modify it.
Fig. 36 WPA/WPA2
57
Illustrations contained in this document are for representation only.
Chapter 2: WEB Configuration
WPA-PSK/ WPA2-PSK
For the WPA-PSK/WPA2-PSK network Authentication, the settings that you can adjust including
WPA/WPA2 Encryption, WPA Pre-Shared Key, and Group key Rotation Interval.
WPA Pre-Shared Key: Please type the key to be between 8 and 63 characters, or 64
hexadecimal digits. Only the devices with a matching key that you set here can join this network.
WPA/WPA2 Encryption & WPA Group Rekey Interval : Please refer to the WPA/WPA2 part.
Fig. 37 WPA-PSK/WPA2-PSK
58
Illustrations contained in this document are for representation only.
Loading...